Syrian Electronic Army hacks Viber following phishing attack

The Syrian Electronic Army (SEA), a hacking group that supports Syrian president Bashar al-Assad, has claimed responsibility for hacking the support website of communications app Viber, though the company reports no sensitive user data was breached.

SEA tweeted yesterday warning Viber users to delete the app and directed them to the support.viber.com website for reasons why. The page was reportedly defaced with an SEA logo and claims that Viber spies on its users.

The support site has since been disabled and an official statement from Viber to TechCrunch assured users that the hackers only gained access to two minor systems: a customer support panel and a support administration system. Information from one of these systems – including Viber administrators’ names and contact details – was then posted to the support page, although Viber claims no sensitive user data was compromised in the attack.

“Viber’s databases were not ‘hacked’,” the statement said. “Sensitive, private user information is kept in a secure system that cannot be accessed through this type of attack and is not part of our support system.”

As evidence of the hack, SEA posted a screenshot alleged to be from a Viber database, which included user information. In a further statement on this data Viber said, “The data is quite basic – we want to know when user registered, where from (country), device type (helps us understand who uses Viber, detect problems, etc), UDID is an internal ID (not the Apple UDID), push token is used to communicate with users (but cannot be used by a 3rd party), etc. While this is not the most sensitive data (message content, address book, etc), we are disappointed that hackers were able to gain access to these systems.”

Viber confirmed that the hack came as a result of a phishing attack on one of its employees and the company is now reviewing policies to prevent such incidences in the future. SEA reportedly used phishing attacks to stage recent hacks of high-profile media sites and social media accounts, including Associated Press and BBC.

UPDATE: Help desk software provider Kayako, which provides customer service software to Viber and more than 30,000 other organisations, has released the following statement to assure its customers: “The security of our customers’ helpdesks and data is our highest priority. As Viber said in their statement, this looks to be an isolated compromise of an individual’s account. Even so, we have taken the precautionary measure of auditing our systems. At this time we have no reason to believe that any other Kayako system or customer has been affected and we will continue to monitor the situation.”